OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/common/net/x509_certificate_model.h" | 5 #include "chrome/common/net/x509_certificate_model.h" |
6 | 6 |
7 #include "base/files/file_path.h" | 7 #include "base/files/file_path.h" |
8 #include "base/path_service.h" | 8 #include "base/path_service.h" |
9 #include "net/base/test_data_directory.h" | 9 #include "net/base/test_data_directory.h" |
10 #include "net/cert/nss_cert_database.h" | 10 #include "net/cert/nss_cert_database.h" |
(...skipping 10 matching lines...) Expand all Loading... |
21 // Remove this when OpenSSL build implements the necessary functions. | 21 // Remove this when OpenSSL build implements the necessary functions. |
22 EXPECT_EQ(net::UNKNOWN_CERT, | 22 EXPECT_EQ(net::UNKNOWN_CERT, |
23 x509_certificate_model::GetType(cert->os_cert_handle())); | 23 x509_certificate_model::GetType(cert->os_cert_handle())); |
24 #else | 24 #else |
25 EXPECT_EQ(net::CA_CERT, | 25 EXPECT_EQ(net::CA_CERT, |
26 x509_certificate_model::GetType(cert->os_cert_handle())); | 26 x509_certificate_model::GetType(cert->os_cert_handle())); |
27 | 27 |
28 // Test that explicitly distrusted CA certs are still returned as CA_CERT | 28 // Test that explicitly distrusted CA certs are still returned as CA_CERT |
29 // type. See http://crbug.com/96654. | 29 // type. See http://crbug.com/96654. |
30 EXPECT_TRUE(net::NSSCertDatabase::GetInstance()->SetCertTrust( | 30 EXPECT_TRUE(net::NSSCertDatabase::GetInstance()->SetCertTrust( |
31 cert, net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); | 31 cert.get(), net::CA_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); |
32 | 32 |
33 EXPECT_EQ(net::CA_CERT, | 33 EXPECT_EQ(net::CA_CERT, |
34 x509_certificate_model::GetType(cert->os_cert_handle())); | 34 x509_certificate_model::GetType(cert->os_cert_handle())); |
35 #endif | 35 #endif |
36 } | 36 } |
37 | 37 |
38 TEST(X509CertificateModelTest, GetTypeServer) { | 38 TEST(X509CertificateModelTest, GetTypeServer) { |
39 scoped_refptr<net::X509Certificate> cert( | 39 scoped_refptr<net::X509Certificate> cert( |
40 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 40 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
41 "google.single.der")); | 41 "google.single.der")); |
42 ASSERT_TRUE(cert.get()); | 42 ASSERT_TRUE(cert.get()); |
43 | 43 |
44 #if defined(USE_OPENSSL) | 44 #if defined(USE_OPENSSL) |
45 // Remove this when OpenSSL build implements the necessary functions. | 45 // Remove this when OpenSSL build implements the necessary functions. |
46 EXPECT_EQ(net::UNKNOWN_CERT, | 46 EXPECT_EQ(net::UNKNOWN_CERT, |
47 x509_certificate_model::GetType(cert->os_cert_handle())); | 47 x509_certificate_model::GetType(cert->os_cert_handle())); |
48 #else | 48 #else |
49 // Test mozilla_security_manager::GetCertType with server certs and default | 49 // Test mozilla_security_manager::GetCertType with server certs and default |
50 // trust. Currently this doesn't work. | 50 // trust. Currently this doesn't work. |
51 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can | 51 // TODO(mattm): make mozilla_security_manager::GetCertType smarter so we can |
52 // tell server certs even if they have no trust bits set. | 52 // tell server certs even if they have no trust bits set. |
53 EXPECT_EQ(net::UNKNOWN_CERT, | 53 EXPECT_EQ(net::UNKNOWN_CERT, |
54 x509_certificate_model::GetType(cert->os_cert_handle())); | 54 x509_certificate_model::GetType(cert->os_cert_handle())); |
55 | 55 |
56 net::NSSCertDatabase* cert_db = net::NSSCertDatabase::GetInstance(); | 56 net::NSSCertDatabase* cert_db = net::NSSCertDatabase::GetInstance(); |
57 // Test GetCertType with server certs and explicit trust. | 57 // Test GetCertType with server certs and explicit trust. |
58 EXPECT_TRUE(cert_db->SetCertTrust( | 58 EXPECT_TRUE(cert_db->SetCertTrust( |
59 cert, net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); | 59 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::TRUSTED_SSL)); |
60 | 60 |
61 EXPECT_EQ(net::SERVER_CERT, | 61 EXPECT_EQ(net::SERVER_CERT, |
62 x509_certificate_model::GetType(cert->os_cert_handle())); | 62 x509_certificate_model::GetType(cert->os_cert_handle())); |
63 | 63 |
64 // Test GetCertType with server certs and explicit distrust. | 64 // Test GetCertType with server certs and explicit distrust. |
65 EXPECT_TRUE(cert_db->SetCertTrust( | 65 EXPECT_TRUE(cert_db->SetCertTrust( |
66 cert, net::SERVER_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); | 66 cert.get(), net::SERVER_CERT, net::NSSCertDatabase::DISTRUSTED_SSL)); |
67 | 67 |
68 EXPECT_EQ(net::SERVER_CERT, | 68 EXPECT_EQ(net::SERVER_CERT, |
69 x509_certificate_model::GetType(cert->os_cert_handle())); | 69 x509_certificate_model::GetType(cert->os_cert_handle())); |
70 #endif | 70 #endif |
71 } | 71 } |
72 | 72 |
73 // An X.509 v1 certificate with the version field omitted should get | 73 // An X.509 v1 certificate with the version field omitted should get |
74 // the default value v1. | 74 // the default value v1. |
75 TEST(X509CertificateModelTest, GetVersionOmitted) { | 75 TEST(X509CertificateModelTest, GetVersionOmitted) { |
76 scoped_refptr<net::X509Certificate> cert( | 76 scoped_refptr<net::X509Certificate> cert( |
77 net::ImportCertFromFile(net::GetTestCertsDirectory(), | 77 net::ImportCertFromFile(net::GetTestCertsDirectory(), |
78 "ndn.ca.crt")); | 78 "ndn.ca.crt")); |
79 ASSERT_TRUE(cert.get()); | 79 ASSERT_TRUE(cert.get()); |
80 | 80 |
81 EXPECT_EQ("1", x509_certificate_model::GetVersion(cert->os_cert_handle())); | 81 EXPECT_EQ("1", x509_certificate_model::GetVersion(cert->os_cert_handle())); |
82 } | 82 } |
OLD | NEW |